zcrypto
zcrypto copied to clipboard
Liberal Go TLS + X.509 Library for Research
We should implement this in two stages: 1. Standalone CAA package, probably as a subpackage of `verifier/`. This would take a cert and a parent, and return CAA status. 2....
We're at about 87% test coverage in the verifier package, the remaining coverage is almost exclusively limited to testing lines that check signatures of certificates with matching subject/issuers. We need...
There's some way to autogenerate documentation from comments. The original Google code already has the comments, so at the very least that would autogenerate. We should generate it, and modify...
[`scanner.go` depends](https://github.com/zmap/zcrypto/blob/9791508aa1693598f7732f32e66503d3a70fc969/ct/scanner/scanner.go#L450) on the [go-logging](https://github.com/op/go-logging) library, and this requirement is exposed in zcrypto's public interface (`scanner.New`). Per a chat with @dadrian, [logrus](https://github.com/sirupsen/logrus) is now preferred for our development. Rather than...
zcrypto/tls currently only supports some subset of the Heartbeat protocol. It also allows sending the extension in the ClientHello. This could raise problems if a server wants to send arbitrary...
We use the tests for TLS from Golang in 2014. We should probably be pulling in the TLS tests from Golang 1.8. Additionally, we don't have good tests for our...
The CT package currently contains it's own fork of `crypto/x509` and `crypto/asn1`. It's not entirely clear why these are needed. At the very least, we should make sure whatever changes...
ZCrypto dependency update from `go get -u github.com/weppos/publicsuffix-go@master` on 2024-03-19T22:20:41 UTC.
Remove the message fragmentation mechanism in TLS 1.0 #381